class LogonController < ApplicationController
  def thongtin
  end
  
  def dangnhap

  end

  def sessioncreate
    @user = User.find_by_username(params[:username])
    respond_to do |format|
      if(@user && @user.password == params[:password])
        session[:user_id] = @user.id
        if @user.level == 1
          format.html {redirect_to root_url, :notice => "Logged in!"}
        else
          format.html {redirect_to nhanvien_root_url, :notice => "Logged in!"}
        end
        
      else
        flash.now.alert = "Invalid username or password"
        format.html { render action: "dangnhap" }
      end
    end

  end

  def dangki
    @user = User.new
  end

  def create
    @user = User.new(params[:user])
    @user.level = 1;
    @user.status = false;
    respond_to do |format|
      if @user.save
        format.html { redirect_to root_path, notice: 'User was successfully created.' }
      else
        format.html { render action: "dangki" }
      end
    end
  end

  def edit
    @user = current_user
  end
  def update
    @user = current_user

    @user.password_confirmation = @user.password;
    respond_to do |format|
      if @user.update_attributes(params[:user])
        format.html { redirect_to thongtin_user_path, notice: 'User was successfully updated.' }
        format.json { head :no_content }
      else
        format.html { render action: "edit" }
        format.json { render json: @user.errors, status: :unprocessable_entity }
      end
    end
  end
  def dangxuat
    session[:user_id] = nil
    redirect_to root_url, :notice => "Logged out!"
  end
end
